CVE-2017-0624

MEDIUM

Android Kernel 3.10/3.18 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0624. PoCs published by codecat007.

AI-analyzed exploit summary The repository contains a functional proof-of-concept exploit for CVE-2017-0624, targeting a race condition in the Android kernel's debug driver. The PoC spawns multiple threads to repeatedly open and read from a vulnerable proc file, triggering the race condition.

Description

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34327795. References: QC-CR#2005832.

Exploits (1)

github WORKING POC 8 stars
by codecat007 · cpoc
https://github.com/codecat007/cvehub/tree/main/android/kernel/CVE-2017-0624

The repository contains a functional proof-of-concept exploit for CVE-2017-0624, targeting a race condition in the Android kernel's debug driver. The PoC spawns multiple threads to repeatedly open and read from a vulnerable proc file, triggering the race condition.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: Android kernel (Google Pixel, sailfish:7.1.1/NMF26U)
No auth needed
Prerequisites: Access to the vulnerable Android device · Kernel with the vulnerable debug driver
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-05-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/98200

Scores

CVSS v3 5.5
EPSS 0.0020
EPSS Percentile 41.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (4)
Google Inc./Android Kernel-3.10
Google Inc./Android Kernel-3.18
linux/linux_kernel 3.10
linux/linux_kernel 3.18
Published May 12, 2017
Tracked Since Feb 18, 2026